This invention relates to authentication security systems employed in both computer and telecommunications networks and in any security system or other resource that uses a set of numbers or codes to be entered manually by a customer. More particularly, the present invention relates to an authentication security method based on keystroke dynamics.
Network security is becoming increasingly problematic with the recent explosion in computers, networks and growing TV-PC usage. With the emergence of a myriad of “on-line” databases and services, traditional forms of network security are no longer sufficient to ensure that only authorized users or paying subscribers are able to gain access to secured networks. More and more people are discovering the advantages of shopping on the Internet. According to Forrester Research, Inc., in 1997 consumers spent $2.4 billion online; this figure is likely to grow to $17.3 billion by 2001. Security of transactions is always in question. Internet growth is restrained by consumers' concern over the potential for theft, fraud and misuse of their credit card numbers. Regardless of the security measure used, it's all about keeping the wrong people from seeing or hearing your private data.
Disadvantages of the conventional firewalls are:
Firewalls are designed to guard Intranet servers or LANs. Unauthorized access could be performed from any terminal connected to the network, since the security depends upon the password of a particular user instead of the particular connection made to the network. Disgruntled employees and hackers can easily sneak through the network's back door without ever being caught by the firewall.
Once a user is logged on to the computer or to the network, there is no means for periodic dynamic verification of the connection to the network which is transparent to the user and precludes attacks or misuse in cases when the qualified user leaves, or is forced to leave, his computer or terminal unattended.
Disadvantages of the conventional encryption techniques are:
Encryption cards along with their PINs can be stolen, and systems which authenticate the access have no way to detect the fraudulent use of the account.
Inconvenient procedure for users: users need to enter their PIN into the encryption card first (except for SecurID), then manually type the generated key from the encryption card display into their system upon logon.
Should users fail at any step in the multi-staged authentication procedure, the whole sequence needs to be repeated from scratch. Some encryption cards even lock on repeated failures.
According to recent surveys by the Computer Security Institute/FBI and Ernst and Young, nearly half of all attacks on firewalls come from ‘within’ the network and via dial-up connections.
The present invention is equally applicable for protecting intranet and extranet servers or LANs from inside attacks since it makes stealing or guessing a password obsolete. For example, a hacker could not gain entry since the security system of the present invention is preferably based on biometric characteristics in the form of a typing characteristics token which may be created by the user each time he or she logs-in.
This invention relates to an improved security system that inhibits eavesdropping, dictionary attacks, and intrusion into computers, workstations and other computer systems requiring a password for connection validation.
The present invention is aimed to enhance security of password-related applications and connections and to add value to conventional password-based security systems by providing protection from outside threats and internally based attacks.
The programmed microcontroller of the present invention measures certain characteristics of keystroke dynamics which are independent of the typed text and, upon statistical filtering and processing, a “typing characteristic” (e.g., in the form of a token or “TYPING BARCODE”) is created for each individual.
The proposed method of security is independent of computer platform since the algorithm and associated program are preferably realized on a microcontroller embedded in a keyboard that performs the primary measurements (preferably with an accuracy of 0.001 s) and primary statistical processing and filtering and then sends the results to the associated CPU in the form of TYPING BARCODE for the purpose of authenticating the user and possibly as a local security lock or for validation of server connection. The CPU may also be provided with a program that allows receipt of the keyboard typing characteristics token and comparison with the stored typing characteristics token associated with each user (the stored typing characteristics token may be associated with a user password, terminal identification number, IP address, other network identifier or other form of user identification). Similarly, in case of a network connection, the server is provided with the program that allows it to receive a typing characteristics token and compare it with a stored token in its memory, again the stored tokens preferably being associated with issued passwords.
The present invention fulfills the following security objectives:
It adds value to a typical password routine since it precludes access to a computer system by an unauthorized user who may have access to a valid password but whose currently generated TYPEPRINT BARCODE does not match the stored “ESTABLISHED” typing characteristic token associated with the particular password.
In a security critical environment the program of the present invention could be run in the background at controlled intervals, allowing a continuous security monitoring mode. In this mode of operation the program preferably creates a TYPING BARCODE without actually recording the input text.
This type of additional password security is easy to use since it is transparent to a user, and requires no additional hardware except the microcontroller of the present invention.
The generation of the TYPING BARCODE is based on controlled studies that reveal that the unconscious directs the thinking needed to do a task automatically. When a person first learns to type, it requires very conscious effort. But when typing becomes automatic, its control is shifted over to the unconscious, so the conscious mind can attend to more challenging tasks. Typing as a subconscious process is characterized by the stability of individual characteristics. For example, if a person routinely types his or her password, the separate elements of his or her typing (time intervals for pressing and holding of separate keys) would be very stable or reproducible under normal typing conditions, that is, when attention distraction is excluded or minimized.
Regular users of a keyboard type automatically, in a subconscious manner, i.e., typing is characterized by individual features which are as unique as a person's fingerprints.
The invention relates to a microcontroller to be incorporated into a computer keyboard and an algorithm for processing a user's keystroke dynamics and creating a TYPING BARCODE unique to a keyboard user. The TYPING BARCODE according to the present invention is used as the token for authentication purposes.
Accordingly, it is one object of the present invention to provide a method and apparatus for implementing security in log-in to a computer or to telecommunications network which uniquely characterizes both the network user or subscriber and the particular connection made to the network.
It is another object of the present invention to provide a method and apparatus for securing access to a network service, database or device which uses the authentication of a manually input password identifying both the specific user or subscriber and the particular connection to the network made by the user or subscriber.
It is a further object of the present invention to provide an enhanced security system for critical applications requiring constant surveillance of the computer, workstation or terminal activity. This enhanced security is provided by creating a TYPING BARCODE which is independent of the input text and is transparent to users.
The method and programs developed for implementation of this method are based on two premises:
Regular users of a keyboard type automatically in a subconscious manner, i.e., typing is characterized by individual features which are as unique as a person's fingerprints.
The proposed microcontroller and algorithm measure certain characteristics of keystroke dynamics which are independent of the typed text and, after the proposed statistical filtering and processing, create a TYPEPRINT BARCODE pattern unique to each individual.
To make this technology independent of computer platform, the algorithm and the program are preferably realized on a microcontroller embedded in a keyboard (that preferably performs the primary measurements with an accuracy of 0.001 s). The microcontroller is preferably programmed to perform the primary statistical processing and filtering and to deliver the results to a CPU for further processing and evaluation.
The microcontroller is preferably programmed as a multichannel analyzer which is framed on the basis of a developed matrix. In one embodiment the microcontroller has two registers with five cells in each register for recording the typing information (preferably in reversed time units (RTU)).
As discussed, the TYPING BARCODE adds value to the password routine as it would deny access to a user using a correct password whose TYPING BARCODE does not match one recorded for the particular password.
The algorithm preferably incorporates a controlled filter that cuts off keystroke dynamics samples, for example, those with RTU values less than 500 and those whose deviation exceeds a preset value (the default value is 20%).
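The following is an added illustration of the two-stage filter and token comparison described above; it is not the patent's own program. It assumes (the text does not define this) that an RTU is the reciprocal of a keystroke interval scaled as 100000 / interval_ms, so the RTU < 500 cut-off drops any interval longer than 200 ms, that a token is the per-channel mean RTU, and that two tokens match when every shared channel agrees within the same 20% tolerance; all timing samples are constructed.

```python
from statistics import mean

RTU_MIN = 500          # filter 1: drop samples with RTU below this (long pauses)
MAX_DEVIATION = 0.20   # filter 2: drop samples deviating > 20% from channel mean

def to_rtu(interval_ms):
    """Assumed definition of a reversed time unit: larger = faster keystroke."""
    return 100_000 / interval_ms

def filter_channel(intervals_ms):
    """Apply both filters to one channel (e.g. hold time of one key)."""
    rtus = [to_rtu(t) for t in intervals_ms if to_rtu(t) >= RTU_MIN]
    if not rtus:
        return []
    m = mean(rtus)
    return [r for r in rtus if abs(r - m) / m <= MAX_DEVIATION]

def make_token(samples):
    """samples: {channel: [interval_ms, ...]} gathered over repeated typing.
    Returns {channel: mean RTU}; None where no sample survived the filters."""
    token = {}
    for ch, intervals in samples.items():
        kept = filter_channel(intervals)
        token[ch] = round(mean(kept)) if kept else None
    return token

def tokens_match(stored, current, tolerance=MAX_DEVIATION):
    """Every channel present in both tokens must agree within tolerance;
    a token with nothing comparable never matches (fails closed)."""
    compared = 0
    for ch, ref in stored.items():
        cur = current.get(ch)
        if ref is None or cur is None:
            continue
        compared += 1
        if abs(cur - ref) / ref > tolerance:
            return False
    return compared > 0

# Constructed enrolment data: hold time of key 'p' and latency p->a, in ms.
# 400 ms (RTU 250) is cut by filter 1; 90 ms latency is cut by filter 2.
ENROLLED = {"hold:p": [95, 100, 105, 98, 400], "lat:p->a": [60, 65, 62, 58, 90]}
STORED_TOKEN = make_token(ENROLLED)                 # {"hold:p": 1006, "lat:p->a": 1636}
GENUINE_LOGIN = {"hold:p": [102, 97, 99], "lat:p->a": [63, 61]}
IMPOSTOR_LOGIN = {"hold:p": [150, 160, 155], "lat:p->a": [63, 61]}   # right password, slower hold

def verify_login(samples):
    """True only when the login's freshly generated token matches the stored one."""
    return tokens_match(STORED_TOKEN, make_token(samples))
```

Running `verify_login(GENUINE_LOGIN)` returns True while `verify_login(IMPOSTOR_LOGIN)` returns False even though both typed the same password.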
The algorithm program of the present invention could be embedded into any security system that uses a set of numbers or codes to be entered manually by a customer, for example cellular phones, ATM machines, programs performing financial transactions on the Internet, or car locking devices.
In a security critical environment the program of the present invention could be run in the background at controlled intervals, allowing a continuous security monitoring mode.
Since the proposed method of securing computers and other resources can reliably generate a unique character sequence (e.g., a TYPING BARCODE or token), preferably numeric, for every human being based on his/her keystroke dynamics, the sequence may be used as a seed in encryption key generation.
The microcontroller embedded in a keyboard may be supplied during manufacturing, or programmed, with a unique identification number which is sent to a CPU, or to a server in the case of network communication, along with the generated typing characteristics token of the user. In one embodiment, the token is generated during the log-in procedure. In such a case, the entered password is used as one form of validation while the generated token is used as another form of identification; additionally, the microcontroller's unique identification number may be used for identifying the particular connection to the network.